AI Insights
Showing results for 
Search instead for 
Did you mean: 

Automated cybersecurity spells the end of manual processes


By Arthur Cole.

Given the increasingly complex nature of today's distributed digital ecosystem and the need to push ever-more critical workloads onto third-party IT environments, it's no surprise that many organizations are turning to automated cybersecurity. Virtually everything about IT is being automated these days, particularly as Big Data and the Internet of Things (IoT) push tasks like resource provisioning and data orchestration past the capabilities of the human brain. It would almost be a dereliction of duty to forgo security in this highly automated world, particularly when it comes to protecting sensitive customer data.

Smarter security testing

While automation of any kind is usually met with trepidation from IT, research from a number of credible sources shows that security skills will be in high demand as IT becomes more distributed, the edge breaks down, and the number of vulnerable entry points increases. Mark Painter, security evangelist at Hewlett Packard Enterprise, says the enterprise will be compelled to automate as much of its security regime as possible, if only to keep up with burgeoning data loads. Of particular concern is security testing, which is already being hit with increasing varieties of parameters and scenarios, not to mention the need to maintain continuous monitoring and scanning. Automated cybersecurity will be better able to address perennial concerns such as tracking down out-of-date software and handling the encryption responsibilities of burgeoning customer, employee, and machine-to-machine (M2M) data.

The nature of the challenge will give rise to a cybersecurity regime that is not only automated but also intelligent, with the federal government providing the impetus. According to The New York Times, the Defense Advanced Research Projects Agency (DARPA), the same folks who brought us the Internet, has launched the CyberGrand Challenge, a two-year contest with no less than a $2 million first prize to devise a next-generation platform that can detect intruders, identify flaws in existing architectures, and then fix them with little to no human involvement. The guideline is a system that would have stopped the Heartbleed security flaw, which sat quietly in web servers across the globe for years before it was discovered, with still no clear indication if it was ever targeted by hackers or not. As The New York Time's Kenneth Changjune describes it, the future of security is to make computers smart enough to protect themselves.


The need for integration

While Big Data and the IoT present security challenges, they can also be a boon to automated cybersecurity. The challenge, says Philip Quade, a top cyber expert at the National Security Agency, is to scale up automated monitoring and response capabilities in a cohesive manner so as not to overwhelm the broader security management stack. In this example, an unnamed agency was experiencing more than one billion incidents per day while their manual processes could address about 65—some of which took up to 11 hours to resolve. "It's all about integration and automation to accommodate security at speed and scale, " he said. Using a simple off-the-shelf automated cybersecurity solution, they were able to field upwards of 10,000 responses simultaneously, with resolution ranging from one second down to 0.1 seconds. "What we really need," Quade says, "are COTS-based solutions that use standards — an open standards based approach. With this new approach, the tools can be integrated as they become available."

Automated cybersecurity functions

Automation can impact a wide range of security functions—from intrusion detection and patch management to establishing security parameters. But it can also take on some of the bigger-picture issues, such as decreasing the attack surface of the distributed architecture and increasing the performance of security platforms and professionals alike. As RSA President Amit Yoran told Fortune magazine recently, it's time to start doing this differently because "what the security industry has been doing has not worked." Among his top priorities are better access control on the application and data layers, as well as improved network and workload micro-segmentation, both of which are time-consuming and difficult to enforce. And ideally, these capabilities should be introduced without disrupting the user environment.

Despite increased automation, the fundamental aspects of security remain the same: prevent intrusions and respond quickly to those that do occur. An automated cybersecurity regime will improve these functions and put your data on a level playing field with the rest of the digital world.

To learn more about cybersecurity risks, read the Cyber Risk Report 2016.


Arthur Cole.jpeg

Arthur Cole.  With more than 20 years of experience in technology journalism, Arthur has written on the rise of everything from the first digital video editing platforms to virtualization, advanced cloud architectures and the Internet of Things. He is a regular contributor to IT Business Edge and Enterprise Networking Planet and provides blog posts and other web content to numerous company web sites in the high-tech and data communications industries.

0 Kudos
About the Author


Tracy Siclair has worked for HPE for 20 years in various positions, all geared towards providing a better customer experience. She has a passion for thinking out-of-the-box and finding innovative ways to get the job done. While not on a computer for work, she enjoys watching her kids play sports, photography, videography, and the occasional game of billiards. Tracy resides in beautiful Fort Collins, Colorado.